This documentation is for a legacy version of Next.js and Supabase (v1). For the latest version, please visit the Next.js and Supabase documentation

Extend User Roles | Next.js Supabase SaaS Starter Kit

Learn how to extend the User Roles in the Next.js Supabase SaaS Starter Kit

The MakerKit Starter has three default roles:

enum MembershipRole {
  Member = 0,
  Admin = 1,
  Owner = 2,
}
export default MembershipRole;

We use an enum, but you can convert this to an object if you need more granular permissions.

The permissions are hierarchical, which means that if we had a role with a lower level (Readonly), we would add it before Member:

export enum MembershipRole {
  Readonly = 0,
  Member = 1,
  Admin = 2,
  Owner = 3,
}

When writing permissions between users, we can check if the user performing the action has a greater role than the target user.

You can extend the role above easily by adding your own, for example:

export enum MembershipRole {
  Readonly = 0,
  AccountManager = 1,
  Owner = 2,
}

Afterward, remember to add the name and descriptions of these roles in the translations file common.json:

"roles": {
  "owner": {
    "label": "Owner",
    "description": "Can change any setting, invite new members and manage billing"
  },
  "accountmanager": {
    "label": "Account Manager",
    "description": "Can change some settings, invite members, perform disruptive actions"
  },
  "readonly": {
    "label": "Readonly",
    "description": "Can only read information"
  }
}

Learn more about using user roles in your permissions system by checking the role against the user's membership role in your application logic.

The role is stored in the database as a column in the memberships tabel.